- 最新
- 最多得票
- 最多評論
Did you snapshot the instance before the upgrade? If so, I would suggest you revert to your snapshot and try the upgrade again.
It sounds like the SSH service isn't active. That may be due to the upgrade or some problem during the upgrade.
Browser-based SSH won't work if your instance's system clock drifted too much from correct time.
Please check if that's indeed the case.
Did Debian upgrade modify your /etc/ssh/sshd_config file? Because that may be another reason why browser-based SSH stopped working.
Does your /etc/ssh/sshd_config file still contain the following line?
TrustedUserCAKeys /etc/ssh/lightsail_instance_ca.pub
Does /etc/ssh/lightsail_instance_ca.pub still exist?
When your Lightsail instance was launched for the first time it ran the setup script that prepared it for browser-based SSH and more. You can see the contents of that script by using your favorite SSH client and doing this:
curl -s http://169.254.169.254/latest/user-data
If the setup related to /etc/ssh/lightsail_instance_ca.pub file was lost during upgrade, you may be able to recover browser-based SSH by repeating the steps in that script that pertain to /etc/ssh/lightsail_instance_ca.pub.
Thank you for using Lightsail.
Edited by: Pavel@AWS on Jul 30, 2019 12:36 PM
Thanks for Pavel@AWS and David G reply.
Finally ,add this line in /etc/ssh/sshd_config file , completely fixed my instance problem.
(Do not forget restart ssh service.)
TrustedUserCAKeys /etc/ssh/lightsail_instance_ca.pub
Edited by: chenlola on Sep 7, 2019 9:42 AM
I am having this issue when when I copy a snapshot from a US region to Australia region and start a new instance with this snapshot.
/etc/ssh/sshd_config still has the same line "TrustedUserCAKeys /etc/ssh/lightsail_instance_ca.pub" as the snapshot in US region.
And the content of /etc/ssh/lightsail_instance_ca.pub is the same, but the web ssh client does not work. I guess the Australia region uses a different private to connect. What is the solution if it is? Thanks
It's possible that this is due to the timezone difference. This thread may provide some insight: https://forums.aws.amazon.com/thread.jspa?messageID=812946
Besides adding the public key in /etc/ssh/sshd_config file as mentioned above, try also adding the second line "CASignatureAlgorithms +ssh-rsa". It worked for me.
TrustedUserCAKeys /etc/ssh/lightsail_instance_ca.pub
CASignatureAlgorithms +ssh-rsa
相關內容
- AWS 官方已更新 1 年前
- AWS 官方已更新 2 年前